Skip to content

Commit

Permalink
Fix S3 assume-role options (#37)
Browse files Browse the repository at this point in the history
  • Loading branch information
@dim
dim authored May 27, 2021
1 parent d2e433b commit 9ef301b
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 15 deletions.
2 changes: 1 addition & 1 deletion .version
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
0.8.3
0.8.4
18 changes: 9 additions & 9 deletions Gemfile.lock
View file
Original file line number Diff line number Diff line change
@@ -1,34 +1,34 @@
PATH
remote: core
specs:
bfs (0.8.3)
bfs (0.8.4)

PATH
remote: ftp
specs:
bfs-ftp (0.8.3)
bfs (= 0.8.3)
bfs-ftp (0.8.4)
bfs (= 0.8.4)
net-ftp-list

PATH
remote: gs
specs:
bfs-gs (0.8.3)
bfs (= 0.8.3)
bfs-gs (0.8.4)
bfs (= 0.8.4)
google-cloud-storage (~> 1.18)

PATH
remote: s3
specs:
bfs-s3 (0.8.3)
bfs-s3 (0.8.4)
aws-sdk-s3 (~> 1.38)
bfs (= 0.8.3)
bfs (= 0.8.4)

PATH
remote: scp
specs:
bfs-scp (0.8.3)
bfs (= 0.8.3)
bfs-scp (0.8.4)
bfs (= 0.8.4)
net-scp

GEM
Expand Down
15 changes: 10 additions & 5 deletions s3/lib/bfs/bucket/s3.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,15 +141,20 @@ def init_client(**opts)
config[:credentials] = opts[:credentials] if opts[:credentials]
config[:credentials] ||= Aws::Credentials.new(opts[:access_key_id].to_s, opts[:secret_access_key].to_s) if opts[:access_key_id]
config[:credentials] ||= Aws::SharedCredentials.new(profile_name: opts[:profile_name]) if opts[:profile_name]
config[:credentials] = Aws::AssumeRoleCredentials.new(
client: config[:credentials] ? Aws::STS::Client.new(credentials: config[:credentials]) : nil,
role_arn: opts[:assume_role],
role_session_name: SecureRandom.urlsafe_base64(12),
) if opts[:assume_role]
config[:credentials] = assume_role_credentials(opts[:assume_role], config[:credentials]) if opts[:assume_role]

Aws::S3::Client.new(config)
end

def assume_role_credentials(role_arn, credentials = nil)
opts = {
role_arn: role_arn,
role_session_name: SecureRandom.urlsafe_base64(12),
}
opts[:client] = Aws::STS::Client.new(credentials: credentials) if credentials
Aws::AssumeRoleCredentials.new(**opts)
end

def walk(pattern, **opts)
prefix = pattern[%r{^[^*?\{\}\[\]]+/}]
prefix = File.join(*[@prefix, prefix].compact) if @prefix
Expand Down

0 comments on commit 9ef301b

Please sign in to comment.